Nessus Plugin #10316
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
WinSATAN
- Family:
- Backdoors
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2000 Julio CΘsar Hernßndez
- Summary:
- Checks for the presence of WinSATAN
- Version:
- $Revision: 1.11 $
- Cve_id:
- -
- Bugtraq_id:
- -
- Xrefs:
- -
- Description:
- WinSATAN is installed.
This backdoor allows anyone to partially take control
of the remote system.
An attacker may use it to steal your password or prevent
your system from working properly.
Solution : use RegEdit, and find 'RegisterServiceBackUp'
in HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run
The value's data is the path of the file.
If you are infected by WinSATAN, then
the registry value is named 'fs-backup.exe'.
Additional Info : http://online.securityfocus.com/archive/75/17508
Additional Info : http://online.securityfocus.com/archive/75/17663
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.